<?php 
$conn = mysql_connect("127.0.0.1","root","");
mysql_select_db("xingtan");
$id = mysql_real_escape_string($_GET['id']);
$title = mysql_real_escape_string($_GET['t']);
$picture = mysql_real_escape_string($_GET['p']);
$articles = mysql_real_escape_string($_GET['as']);
$state = intval($_GET['state']);

if ($title) {
  $sql = sprintf("UPDATE topics SET state='%d', title='%s', picture='%s', articles='%s' WHERE id = %s", $state, $title, $picture, $articles, $id);
  mysql_query($sql);
  print 'update success';
} else {
  print 'parameter error';
}
mysql_close($conn);
?>
